A surprise turn in the spotlight

By Mark Rockwell

Jan 22, 2014

For most of her DHS tenure, Margie Graves has worked behind the scenes -- highly regarded by her peers, but largely unknown outside the IT community. Last year, however, brought newfound visibility -- not all of it welcome.

Margie Graves has been at the Department of Homeland Security since the beginning. Motivated to "do something" in the wake of the 9/11 terrorist attacks, she jumped at the chance to help build the Transportation Security Administration, and has been working on DHS IT ever since.

"We've come a long way," Graves said. "DHS has gone from a standup agency provisioning computers on folding tables to getting [department-wide IT] products on the ground."

DHS, for example, is evolving into a key driver and provider for new cloud-based technologies. The agency is at the forefront of the government's Federal Risk and Authorization Management Program (FedRAMP), which sets baseline requirements for most agency cloud deployments.

Graves has also fostered DHS's agile development efforts, including an architecture for mobile devices and services within DHS that saves significant money and is referenced by other agencies.

"Margie is a strong blend of technical know-how combined with the ability to translate the technical for non-IT people," said Dan Chenok, executive director of IBM's Center for the Business of Government. "She can go deep," in explaining technology, while remaining "focused on her agency's mission."

"Her first thought" on issues critical to DHS such as immigration and national security, Chenok said, "is how to leverage DHS and cross-community resources. I've seen it several times -- that focus and her ability to work within the network to get the job done."For much of her time at the department, however, Graves was working that network behind the scenes -- highly regarded by her peers, but largely unknown outside the IT community.

That changed when then-CIO Richard Spires found himself at odds with DHS leadership and resigned in 2013. Graves stepped in as acting CIO -- and into the crossfire as Congress demanded answers about Spires' departure.

Rep. Bennie Thompson (D-Miss.), unhappy that DHS had sent Graves to testify on Spires' behalf with very little notice, began pressing the agency for details -- not only on Spires' unexplained leave, but also on Graves' employment history.

Seemingly unaware of Graves' tenure at DHS, Thompson wrote to the agency on April 19 that "it appears ... Ms. Graves may have been converted from a contractor to a direct hire in the OCIO and then placed in a position of authority over projects she initially served on as a contractor."

Neither Graves nor other agency officials could say where the contractor-conflict allegation originated, but DHS Assistant Secretary for Legislative Affairs Nelson Peacock eventually gave Thompson an official response. He noted that Graves had previously served as acting CIO before Spires arrived, and that she had been recruited from private industry in 2003 for her skills in business process re-engineering and post-merger integration.

TSA was created before DHS, and originally resided in the Department of Transportation. It moved to Homeland Security under legislation that created the department in 2002, the biggest government reorganization since World War II.

Our approach to IT underpins our success. We started with an understanding that we need a community within DHS.

Prior to DHS, Graves had 20 years of management consulting experience, working in the private sector on systems engineering, business processes, strategic planning, financial management and mergers and acquisitions.

She was hired, Peacock said, to focus "on creating one DHS from 22 legacy agencies."

Those challenges -- integrating and consolidating, while respecting DHS's many missions -- continue to this day.

Graves told FCW in an interview that in her 11 years in DHS's IT operations, she has grown to appreciate technology's influence on the department's complex multi-agency environment and operational needs.

Graves created the Enterprise Business Management Office within the office of the CIO, and was its first executive director. That effort and others, she said, have focused on making the sure the agency's IT infrastructure serves its diverse set of users without compromising its 22 component agencies' unique operational environments.

Graves also established business processes for capital planning and investment control, departmental IT budget reviews and acquisition reviews. And she was the deputy program manager for the Border and Transportation Security IT Integration Program, which established the operational foundation for the Infrastructure Transformation Program -- the DHS roadmap for consolidating and securing IT infrastructure.

"Our approach to IT underpins our success," she said. "We started with an understanding that we need a community within DHS. We built DHS's Office of IT from scratch."

DHS has its own CIO Council, and Graves said the chief security and infrastructure officers at each component agency also collaborate on how the department plans and uses its IT resources. IT projects are vetted by the council and component senior infrastructure officers before they're implemented, building that sense of community and mission. "We've continued to define community and to understand things at the enterprise and component level and in-between," she said.

That emphasis on community and collaboration extends beyond the department as well. Through ACT-IAC, the public/private association that works to improve federal IT, Graves has strived to foster better collaboration among agencies and with the private sector.

In 2013, while shouldering the responsibilities of acting CIO at DHS, she was also the government chair for ACT-IAC's Executive Leadership Conference -- a signature event for the federal IT community. "Margie has had success in bringing people together," Chenok said, "at ACT-IAC and at DHS."

One effort that grew out of that community approach was DHS's strong push to cloud computing. "Once we addressed security," Graves said, "we looked at what we should do with private and public cloud." Both figure prominently in the future of DHS IT efforts, she said.

Cybersecurity is another area where DHS "has made significant strides" over the years, said Graves. In its early days, DHS was criticized for not putting enough emphasis on cyber, but Graves said the department has worked within the White House's Digital Government Strategy to understand the wide spectrum of DHS cybersecurity needs.

It has also expanded its internal programs to grow its own crop of cybersecurity workers, improved its ability to detect intruders on its networks, and expanded facilities like the National Cybersecurity and Communications Integration Center to share real-time threat information with critical infrastructure providers.

With its work on cloud computing, big data, cybersecurity, virtualization and other technologies, DHS has grown into something of a go-to expert on emerging technology for other government entities. DHS is critical to FedRAMP, for example; Graves and her colleagues work closely with the General Services Administration to run the Joint Authorization Board. That board is now the federal government's doorkeeper for cloud services, assessing and approving which cloud providers meet government IT security standards for agency cloud deployments at low- and moderate-risk impact levels.

Her first thought is how to leverage DHS and cross-community resources. I've seen it several times — that focus and her ability to work within the network to get the job done.
—Dan Chenok
IBM Center for the Business of Government

Graves served as acting CIO until Dec. 15, when Luke McCormack -- the former CIO for Immigration and Customs Enforcement who had been Justice Department CIO since 2012 -- took the DHS IT helm. Now, back in her familiar role as deputy CIO, she is working to help her old colleague and new boss keep the department's many initiatives moving forward.

"We've matured dramatically," Graves said. “I credit the folks that come to work with the mission in mind. We've consistently improved."

The Census Bureau hasn't established a time frame for its cloud computing plans, including testing for scalability, security, and privacy protection, as well as determining a budget for cloud services.